Practical Anonymous Subscriptions at University of Texas & Maryland


Anon-Pass presents practical solutions for anonymous subscriptions, addressing anonymity and efficiency. Explore the challenges of unlinkability and sharing resistance in media services. Learn about anonymous music services and the intricacies of linked accesses. Discover methods for achieving unlinkable transactions while maintaining sharing resistance. Dive into the intersection of practicality and anonymity in subscription services.

  • Anonymous Subscriptions
  • Privacy
  • Anonymity Solutions
  • Media Services
  • University Research

Uploaded on Feb 15, 2025 | 0 Views



Presentation Transcript


  1. Anon-Pass: Practical Anonymous Subscriptions. Michael Z. Lee, Alan M. Dunn, Jonathan Katz*, Brent Waters, Emmett Witchel. University of Texas at Austin; * University of Maryland. May 20, 2013.

  2. Media Subscriptions. Unlimited access subscriptions.

  3. Let's build a service. [Diagram: an X and tokens 1234, 1234, 2345.] Sharing resistance (admission control).

  4. They are collecting information about you.

  5. Anonymous Media. Accesses can't be correlated. [Diagram: timeline with Song 1 and Song 2; tokens 1234 and 8720.] Unlinkability.

  6. Linked accesses could deanonymize users. Access patterns for enough time could help deanonymize clients: the Netflix Prize dataset [Narayanan, Shmatikov 2008]; social networks [Narayanan, Shmatikov 2009].

  7. But even if tokens are unlinkable... [Diagram: tokens 1234 and 8720 with IP addresses 128.83.122.105, 141.212.15.125, 37.130.227.133, 128.83.122.105.] We assume clients are using a network anonymity service.

  8. Anonymous Music Service: Straw Man. [Diagram: tokens 1234, 8720, 7964, 8739, 1910, 2372, 3141.] Unlinkability but not sharing resistance.

  9. How do we get both? Unlinkable Serial Transactions [Syverson et al. 1997]: sharing resistance, unlinkability, but needs unbounded storage. Anonymous Blacklisting Systems [Tsang et al. 2008]: sharing resistance, unlinkability, but computationally expensive.

  10. And also be practical? Unlinkable Serial Transactions [Syverson et al. 1997]: sharing resistance, unlinkability, but needs unbounded storage. Anonymous Blacklisting Systems [Tsang et al. 2008]: sharing resistance, unlinkability, but computationally expensive. Anon-Pass: sharing resistance, unlinkability, and efficiency. Example: over 12,000 concurrent clients.

  11. How? How is Anon-Pass built? How is Anon-Pass used? How does Anon-Pass perform?

  12. How is it built? Split up time into epochs. Each user has a unique token for an epoch. [Diagram: timeline of epochs t-1, t, t+1, t+2; token 1234.] Each epoch allows a new, unpredictable token.

  13. How is it built? Split up time into epochs. Each user has a unique token for an epoch. [Diagram: timeline of epochs t-1, t, t+1, t+2; PRF(t) yields token 1234.] Each epoch allows a new, unpredictable token. Use a pseudorandom function (PRF).

  14. High Level Protocols. Register: get a blinded signature on a secret. Login: prove the token used the signed secret (in zero knowledge).

  15. Anonymous Music Service. [Diagram: timeline of epochs t-1, t, t+1, t+2 with Song 1 and Song 2; tokens 1234 and 8720; PRF(t) and PRF(t+2).]

  16. Anonymous Music Service. But songs don't always fit in one epoch. [Diagram: timeline of epochs t-1, t, t+1, t+2; Song 1; PRF(t), PRF(t+1), PRF(t+2); tokens 1234, 5629, 8720.]

  17. Anonymous Music Service. But songs don't always fit in one epoch, and these accesses are implicitly linked. [Diagram: timeline of epochs t-1, t, t+1, t+2; tokens 1234, 5629, 8720.] Conditional linkability.

  18. Accesses can be implicitly linked. [Diagram: Baby+0s, Baby+15s, Baby+30s, Baby+45s, Baby+60s, Baby+75s, Baby+90s, ...] The service knows when the same song is repeatedly accessed. Client is implicitly linked while accessing the same media. And unlinkability costs the service provider (and therefore harms the system).

  19. Re-Up: our way of getting conditional linkability. Prove the current token and the next token are linked. Trades unlinkability for efficiency. But the client already lost unlinkability while accessing the same media.

  20. Re-Up is more efficient. Login proves you should be allowed access; Re-Up proves you logged in before. Login takes 10 expensive operations; Re-Up takes only 2.

  21. Using Login and Re-Up. A client must Login to start a new song, and Re-Up to continue playing the same song. [Diagram: timeline of epochs t-1, t, t+1, t+2 with two Re-Ups.] To be unlinkable again, the client must wait until the next epoch.

  22. Epoch Lengths: Long vs. Short. A short epoch means less time to be unlinkable and less delay between client actions (happy clients). A long epoch means fewer client requests and lower server load (happy server). Choosing an epoch length depends on the service (e.g., 15 seconds for music, 5 minutes for movies).

  23. Re-Up helps balance this tension. Short epochs mean less wait between unlinkable actions. Re-Up instead of Login reduces server load.

  24. And Anon-Pass is formally proven. Formal proof of security holds under the DDHI assumption. Formal proof of soundness holds under the LRSW assumption. Stated and proved in the paper.

  25. How? How is Anon-Pass built? How is Anon-Pass used? How does Anon-Pass perform?

  26. How could it be used? Anonymous music streaming: music download over normal HTTP, 15 second epoch. Unlimited-use subway pass: NYC's unlimited pass, 6 minute epoch. Account proxy: multiplex accounts to news sites, 1 minute epoch.

  27. System Architecture. [Diagram labels: my laptop, subscription service, Application Server, Client Application.]

  28. System Architecture. [Diagram labels: my laptop, subscription service, Application Server, Client Application, Authentication Server, User Agent.]

  29. System Architecture. [Diagram labels: my laptop, subscription service, Application Server, Gateway, Client Application, 3rd party service, Authentication Server, User Agent.]

  30. User Agent. Purpose: minimize changes to client applications. Job: create Login and Re-Up requests; keep the user secret secure. Modified VLC to anonymously stream (54 LoC). No modifications to support browsers.

  31. Authentication Server. Purpose: enforce sharing resistance. Job: verify tokens and token uniqueness; record active tokens. Runs on the service or as a 3rd party.

  32. Gateway. Purpose: enforce access control with minimal change to existing services. Job: prevent unauthorized access and responses; remove verification from the critical path. Runs on the service as a front end server.

  33. How? How is Anon-Pass built? How is Anon-Pass used? How does Anon-Pass perform?

  34. Evaluation Environment. Quad-core 2.66 GHz Intel Core 2 CPU, 8 GB RAM, 1 Gbps network. 10 client machines to evaluate the streaming music service. An HTC Evo 3D to evaluate the anonymous subway pass.

  35. Crypto Cost. [Bar chart: milliseconds (axis 0 to 10) for Login and Re-up, split into Verify and Other; annotated "7.8x Faster".]

  36. Music Service Scaling. HTTP server to stream music. 15 second epoch. Add clients until we run out of resources. Used 10 client machines.

  37. Music Service Scaling: Login Only vs. Anon-Pass. [Plot: % CPU over time, labelled "Steady"; Login Only: 8,000 clients; Anon-Pass: 12,000 clients.]

  38. Anonymous Subway Pass. Problem: need to rate limit between swipes. A long epoch can simulate that timeout, but sharing is still possible. [Diagram: epochs t, t+1.]

  39. Anonymous Subway Pass. Solution: Login and Re-Up at the same time. Accesses during later epochs are linkable. [Diagram: timeline of epochs t-1, t, t+1, t+2 with an X.]

  40. Anonymous Subway Pass. Implemented as an Android application. Clients Login and Re-Up twice (18 minute NYC policy). Takes only 0.2 seconds (on an HTC Evo 3D).

  41. Anon-Pass. Practical: efficient enough to scale. Flexible: works with different services. Deployable: minimizes service changes.
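
The epoch-token bookkeeping described in slides 12, 13, 21 and 31, as an added sketch that is not code from the Anon-Pass authors. HMAC-SHA256 stands in for the scheme's PRF, and the blinded signature and zero-knowledge proofs of slide 14 are omitted, so this server trusts the tokens it is shown; `AuthServer`, `token`, `epoch_of`, `demo` and the sample secret and timestamp are hypothetical names and constructed values.

```python
import hashlib
import hmac

EPOCH_SECONDS = 15  # music-service epoch length from the slides

def epoch_of(unix_time):
    return int(unix_time // EPOCH_SECONDS)

def token(secret, epoch):
    # Stand-in for PRF_secret(epoch); HMAC-SHA256 is an assumption, not the scheme's PRF.
    return hmac.new(secret, epoch.to_bytes(8, "big"), hashlib.sha256).hexdigest()

class AuthServer:
    """Records active tokens per epoch; a token seen twice is refused."""
    def __init__(self):
        self.active = {}  # epoch -> set of tokens

    def _slot(self, now, epoch):
        for old in [e for e in self.active if e < now]:
            del self.active[old]  # bounded storage: past epochs are dropped
        return self.active.setdefault(epoch, set())

    def login(self, tok, now):
        seen = self._slot(now, now)
        if tok in seen:
            return False  # same secret already active this epoch (sharing)
        seen.add(tok)
        return True

    def re_up(self, cur_tok, next_tok, now):
        # The real protocol proves cur_tok and next_tok are linked; omitted here.
        if cur_tok not in self._slot(now, now):
            return False
        nxt = self._slot(now, now + 1)
        if next_tok in nxt:
            return False
        nxt.add(next_tok)  # the server now knows cur_tok and next_tok belong together
        return True

def demo():
    srv, s = AuthServer(), b"constructed-client-secret"
    t = epoch_of(1_368_000_000)  # constructed timestamp
    first = srv.login(token(s, t), t)
    shared = srv.login(token(s, t), t)            # second use, same epoch
    cont = srv.re_up(token(s, t), token(s, t + 1), t)
    relogin = srv.login(token(s, t + 1), t + 1)   # already active via Re-Up
    fresh = srv.login(token(s, t + 2), t + 2)     # new epoch, new token
    return first, shared, cont, relogin, fresh, len(srv.active)
```

The refused login in epoch t+1 is the slide 21 rule in action: after a Re-Up the client has to wait for the following epoch before it can appear under a fresh, unlinked token.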
